“I’m Alexis from Cryptors. I’m the founder and CEO. And I am Batman.”
That’s how Alexis John Lingad began his pitch as part of the third batch of Takeoff, a startup pitching event organized by the IT and Business Process Association of the Philippines (IBPAP) last August 30. He was pitching his startup to an audience of business process outsourcing (BPO) leaders and representatives, aiming to secure some of them as clients or even investors.
His business? Protecting organizations from cyberthreats such as malware, viruses and—closest to his heart—hacking.
“I am inspired by Batman because Batman’s just a man, but he can do impossible things,” said Lingad in the pitch. “I was inspired by him. That’s why I learned hacking.”
He started learning the principles of ethical hacking when he was still in high school, honing his skills online on dedicated practice websites. His growing interest in becoming a “white hat hacker,” or one who hacks systems in order to identify vulnerabilities in them, led him to form an underground organization when he was a college student at Mapua University called Cryptors.
“At the age of 17, I created a website… kung saan para makapasok ka, kailangan mong i-hack (where you have to hack the website to enter it),” he told Entrepreneur Philippines. “Naging underground hacker organization siya sa Mapua na kung saan yung mga nakakapasok lang yung mga nakakahack (It became an underground hacker organization in Mapua where the only people who can enter are hackers).”
The organization aimed to be an exchange of ethical hacking ideas and discussions. To raise awareness about the risks of hacking, it resorted to edgy tactics, going to the extent of hacking the Mapua website and telling the administration afterwards how to make it more secure.
A tendency to make bold if risky moves to demonstrate his programming prowess later proved to be his undoing.
When a group dubbing themselves as “Anti-Cryptors” hacked a famous Mapua Facebook page called Mapuan Secret Files and challenged Lingad to hack the page back within a week or they’ll release information from the hacked pages, he couldn’t resist the dare.
Lingad was able to hack back the Facebook page by himself in only three days, exposing himself and his underground organization in the process. While some recognized his efforts to save the Facebook page and the students’ information, many others misunderstood his actions and accused him of staging the entire scheme to gain attention. He was expelled from the school as a result.
“After two days, na-kick out ako dahil doon sa petition ng iba’t-ibang mga org doon kasi sabi nila ako lang din daw yung Anti-Cryptors (After two days, I got kicked out because of a petition from several orgs that claimed that I was also the person behind Anti-Cryptors),” shared Lingad. “Kasi raw ginawa ko lang daw yun para maging popular (They thought I did all that just to become popular).”
The expulsion led to a bout of depression but he recovered soon enough, determined to turn this failure into an opportunity. And he did so by reading up on several books about entrepreneurship in the hopes of turning his underground organization into a legitimate business.
And that’s exactly what he did in 2015 when he formed Cryptors Cyberscurity Inc.
The company started as an extension of the online community Lingad established in university, with him describing its first business model as a “gamified hacker tutorial.” Interested students can learn ethical hacking concepts online for free, complete with a virtual computer that they can practice their hacking skills on.
It unfortunately flopped, but the brand got a big boost when Lingad won the 2015 Philippine Hacker Games, a title he earned on his own in what is officially a team competition. With the title, he was invited to speak around the country about his story and cybersecurity awareness. The opportunity led to him writing a book, Cyber Defender: The Power of Hacking, the sales of which eventually helped him expand Cryptors to offer cybersecurity trainings for other businesses.
While professional seminars about digital protection, anti-hacking and other cybersecurity concepts weren’t new, Lingad said that what Cryptors brought to the table were much lower prices.
“Ang cybersecurity trainings ay nagco-cost ng Php100,000 to Php200,000 per session. Ganun kataas dati yung pricing (Cybersecurity trainings cost Php100,000 to Php200,000 per session before. Prices were very high),” shared Lingad. “So ang ginawa namin, binabaan namin. Kasi isa sa mga mission namin is to raise cybersecurity awareness to a lot more people. From Php100,000 ginawa naming Php500 to Php5,000 per person (So what we did was to lower the prices, because one of our missions is to raise cybersecurity awareness to a lot more people. So from Php100,000, we made each session cost Php500 to Php5,000 per person).”
The effect wasn’t lost on the industry, as according to Lingad, many of their competitors followed suit and lowered their seminars’ prices after Cryptors came into the picture. But that wasn’t a smooth ride, as Lingad said that some competitors offered to buy out his company instead or even threatened him due to his lower prices.
But Lingad and his team pushed on, with Cryptors establishing new services as time passed. After the seminars, the startup then created a Bug Bounty Platform where businesses can upload a mirror of their website that white hat hackers can then tinker around and point out vulnerable entry points. The solution promises thoroughness due to its crowdsourced nature as well as speed due to its collaborative structure.
“Ilalagay lang nila yun dito tapos iha-hack ng mga hackers. Tapos sasabihin nila doon sa company kung paano nila ginawa and kung ano yung solusyon (Companies put copies of their websites on the Bug Bounty Platform and then hackers will attempt to hack it. Once they do, they’ll tell the company how they did it and what solutions they can take to prevent it),” explained Lingad of the service. The hackers are then rewarded by the company for exposing these vulnerabilities.
The platform was an even bigger hit, as Lingad credited it for giving Cryptors global recognition and media attention. Most recently, it won an incubation program from a startup pitching competition hosted by real estate firm KMC Solutions and startup incubator Impact Hub Manila. Included in the program is a six-month stay in one of KMC’s coworking spaces and an intensive bootcamp implemented by Impact Hub. After the six-month program, KMC and Impact Hub will also be connecting Cryptors to investors for potential funding.
But for Lingad, the most important result of that incubation program was Cryptors’ newest offering, a mobile app called Hackuna.
Bringing protection to mobile
Launched in August 2018 on the Google Play store, Hackuna is a free mobile app that protects users’ phones against cyber-attacks from hackers and other digital threats such as viruses and malware. It does so through four main features that set it apart from the common anti-virus programs used in PCs and laptops.
Closest to Lingad’s hacker background is the Hacker Buster, which allows users to know if their phone has been hacked or is currently being hacked. He said that mobile phones are among the easiest devices to hack, so Hacker Buster allows users to have a more formidable line of defense against potential hackers.
Hackuna also has a feature similar to Cryptors’ seminars and trainings that Lingad calls Cybersecurity Awareness, allowing users to be in the know of the latest trends in social engineering, or a type of hacking using communication methods and manipulation of target people within an organization instead of software. With this, Lingad hopes that Hackuna’s users will be well-equipped to handle any social engineering threats that come their way.
As well, Hackuna can scan your phone’s apps to see if any of them are invading your privacy. These apps usually have more permissions enabled than necessary, getting access to data such as messages, microphone, GPS, etc. even when the app doesn’t need them to perform its functions.
“Di ba may Google Play Store and mostly doon tayo nagdodownload ng mga apps pag Android ka. Akala nila trusted yung mga nandoon, pero hindi nila alam na may mga app doon na sinisira yung privacy mo (The Google Play Store is where Android users usually download apps. Many people think those apps can be trusted, but they’re unaware that there are some apps that invade your privacy),” said Lingad. The feature, called Privacy Analyzer, can be used to disable certain app permissions or remove the app altogether.
The fourth and final feature Lingad claims is a “first in the world” service that he calls Wi-Fi Hack Blocker. With it, Hackuna users will be able to identify hackers who attempt to hack their phones while they’re connected on public Wi-Fi. What’s more, users will also be able to know a hacker’s IP address, laptop model and other pertinent information that they can then use to report the perpetrators to authorities.
“Dito sa Wi-Fi Hack Blocker, gumawa kami ng bagong algorithm kung saan made-detect mo yung hacker na nangha-hack sayo within the Wi-Fi (With Wi-Fi Hack Blocker, we created a new algorithm where you can detect any hacker that’s hacking you within the Wi-Fi),” described Lingad. “It’s like a beautiful weapon to counter the [hackers].”
All these features have allowed Hackuna to outperform other cybersecurity apps in the Play Store. As of early October, the app has been downloaded 22,000 times, a much faster takeup than the 1,000 downloads per month that most cybersecurity apps experience according to Lingad. He added that most of the downloads came from users in the US, the Philippines and India.
Hackuna can be downloaded for free on Android with iOS support coming soon, and Lingad is monetizing through ads within the app. He is also gearing up for the release of a paid premium version which will have more features catered to business owners with their own Wi-Fi networks.
“The era of you being afraid of hackers is gone,” said Lingad. “Kumbaga, ito na ang era kung saan (This will be the era where) the hacker will be afraid of hacking you because you have Hackuna.”
With many prospects and opportunities in the horizon for Hackuna and the continued strength of the other services, Lingad is confident that Cryptors is on its way to becoming the No. 1 anti-hack company in Southeast Asia. And they’re going to get there by disrupting and even replacing common anti-virus software.
Citing statistics from The Economic Times, Lingad said that a typical anti-virus software only protects users from 1.5 percent of all possible digital threats as it only focuses on viruses. It’s unable to address more complex threats such as social engineering, Wi-Fi hacking and privacy-invading apps—all of which Lingad is able to address through Hackuna.
“Southeast Asia is the biggest consumer of anti-virus, [so] gusto naming i-disrupt yung anti-virus, gusto naming palitan (We want to disrupt the anti-virus software, we want to replace it),” said Lingad. “Dati, sobrang mahal, dinisrupt namin. Ngayon, idi-disrupt naman namin yung anti-virus, kung saan ‘di talaga tayo sine-secure niyan. Para yung ibang company magsigayahan din at mas marami ang mase-secure (Before, cybersecurity was very expensive and we disrupted it. Now, we’re disruping the anti-virus software that doesn’t really keep our digital products secure. We want other companies to do what we’re doing so that more people will be secured).”
Lorenzo Kyle Subido is a staff writer of Entrepreneur PH